IIS 6.0 Documentation > IIS 6.0 Operations Guide > Security in IIS 6.0 > Access Control with IIS 6.0 > Securing Files with NTFS Permissions > Setting NTFS Permissions for Directories or Files

Securing a Web Site Using NTFS Permissions (IIS 6.0)

You can strengthen the security of a Web site by configuring NTFS permissions for directories, virtual directories, or the Web site itself.

  Important

You must be a member of the Administrators group on the local computer to perform the following procedure or procedures. As a security best practice, log on to your computer by using an account that is not in the Administrators group, and then use the runas command to run IIS Manager as an administrator. At a command prompt, type runas /user:Administrative_AccountName "mmc %systemroot%\system32\inetsrv\iis.msc".

Procedures

To secure a Web site by using NTFS permissions

1.

In IIS Manager, expand the local computer, right-click a Web site or file, and then click Permissions.

Do one of the following:

TaskProcedure

Add a group or user that does not appear in the Group or user names list box.

Change or remove permissions from an existing group or user.

In the Group or user names list box, click the name of the group or user.

2.

To allow or deny a specific permission, in the Permissions for User or Group list box, select the Allow or Deny check box.

  Important

Inherited Deny permissions do not prevent access to an object if the object has an explicit Allow permission entry. Explicit permissions take precedence over inherited permissions, including inherited Deny permissions.

Related Information

For more information about access control, see "Access Control" in Help and Support Center for Windows Server 2003.


Top of pageTop of page